auto-upgrades and notify using email

modules/common/mail/default.nix

@@ -1,6 +1,6 @@
 { config, pkgs, lib, ... }: {
 
-  imports = [ ./himalaya.nix ./aerc.nix ];
+  imports = [ ./himalaya.nix ./aerc.nix ./system.nix ];
 
   options = {
     mail.enable = lib.mkEnableOption "Mail service.";
@@ -78,7 +78,6 @@
                 CopyArrivalDate = "yes"; # Sync time of original message
               };
             };
-            msmtp.enable = true;
             notmuch.enable = true;
             passwordCommand =
               "${pkgs.age}/bin/age --decrypt --identity ${config.identityFile} ${

modules/common/mail/system.nix

@@ -0,0 +1,32 @@
+{ config, pkgs, lib, ... }: {
+
+  config = lib.mkIf (config.mail.enable || config.server) {
+
+    home-manager.users.${config.user} = {
+
+      programs.msmtp.enable = true;
+      accounts.email.accounts.system =
+        let address = "system@${config.mail.server}";
+        in {
+          userName = address;
+          realName = "NixOS System";
+          primary = false;
+          inherit address;
+          passwordCommand =
+            "${pkgs.age}/bin/age --decrypt --identity ${config.identityFile} ${
+              pkgs.writeText "mailpass-system.age"
+              (builtins.readFile ../../../private/mailpass-system.age)
+            }";
+          msmtp.enable = true;
+          smtp = {
+            host = config.mail.smtpHost;
+            port = 465;
+            tls.enable = true;
+          };
+        };
+
+    };
+
+  };
+
+}

modules/nixos/system/default.nix

@@ -15,6 +15,43 @@
     systemd.services.nix-gc.postStop =
       lib.mkIf (!config.server) "systemctl suspend";
 
+    # Update the system daily
+    system.autoUpgrade = {
+      enable = config.server; # Only auto upgrade servers
+      dates = "03:33";
+      flake = "git+${config.dotfilesRepo}";
+      randomizedDelaySec = "45min";
+      operation = "switch";
+      allowReboot = config.server; # Reboot servers
+      rebootWindow = {
+        lower = "00:01";
+        upper = "06:00";
+      };
+    };
+    systemd.services."notify-email@" =
+      let address = "system@${config.mail.server}";
+      in {
+        enable = config.mail.enable;
+        environment.SERVICE_ID = "%i";
+        script = ''
+          TEMPFILE=$(mktemp)
+          echo "From: ${address}" > $TEMPFILE
+          echo "To: ${address}" >> $TEMPFILE
+          echo "Subject: Failure in $SERVICE_ID" >> $TEMPFILE
+          echo -e "\nGot an error with $SERVICE_ID\n\n" >> $TEMPFILE
+          set +e
+          systemctl status $SERVICE_ID >> $TEMPFILE
+          set -e
+          ${pkgs.msmtp}/bin/msmtp \
+              --file=${config.homePath}/.config/msmtp/config \
+              --account=system \
+              ${address} < $TEMPFILE
+        '';
+      };
+    systemd.services.nixos-upgrade.onFailure =
+      lib.mkIf config.systemd.services."notify-email@".enable
+      [ "notify-email@%i.service" ];
+
   };
 
 }

private/mailpass-system.age

@@ -0,0 +1,12 @@
+-----BEGIN AGE ENCRYPTED FILE-----
+YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IE1nSGFPdyA3Ynp0
+UUVDdVk1MG1nQmZ3cDl5UmY5VnpMSkdyYmluTlJGWUdnRVQyVWhvCkNlQkY0RUR5
+ODZTYUEzQlBmelBLcUxuWjdiYms2RUtmYlFFeEpXM3JCMlUKLT4gc3NoLWVkMjU1
+MTkgWXlTVU1RIFNySTEvUXhycFhZa3h5ZnZyaXJEZ3BGRW03WGRvM29FQlZJQ2xx
+ZnMwVzgKbGFVMDlYZjVzeUJyY1kyc0ZXRnVydHkzOWtPaE1uTXllbHhaQTdIa016
+VQotPiBzc2gtZWQyNTUxOSBuanZYNUEgdjh4T2FkckZYQlpsd3ZSTmc4VGRxWjg4
+TVRCTUl4U1BnanVwV29POXhIZwpEcHBUOFJjTXBGTExYTWtmd01XQlZndklXTkdU
+NHBnYkNBTSs5K1A3cE9vCi0tLSBBa01zRTdNYW5wRlltVkgrWG9mdHcrZ1NXRUwz
+UUhsalZSeU1CVENmbnp3CphGOZ7hu3mq3UI69UCJq7ptFDMUmdmYW4ydzz2RVlYX
+P1JWkX0IpnHtcFPK1XmRrBkiyto=
+-----END AGE ENCRYPTED FILE-----